Minix v3.0. Hidden inside Intel Management Engine, and running on a hidden CPU core. Meaning it is part of the hardware of almost every x86-64 processor made since 2005. Including a running HTTP server, for... reasons?

Oh, and apparently AMD copied the approach in their own Management Engine equivalent, up to and including the Minix kernel to run it.

And it was only figured out because of a security vulnerability that exposed it. Google is talking of dropping the use of x86 entirely because the vulnerability is likely to be irremediable since it is occurring in otherwise inaccessible hardware.

Seriously? Is this a joke or something? Am I misunderstanding what they are saying? No, really, please tell me that this isn't as crazy as this is sounding to me right now!

Comments? Corrections? Antidotes for the mind-altering drugs which someone apparently has been dosed with?

(No comments on whom - it could be Intel, it could be the people reporting on it, it could be both, it could be me only imagining I am reading this for all I know. Honestly, this sounds like something The Onion's editors would have rejected as too implausible.)

_________________
Rev. First Speaker Schol-R-LEA;2 LCF ELF JAM POEE KoR KCO PPWMTF
μή εἶναι βασιλικήν ἀτραπόν ἐπί γεωμετρίαν
Lisp programmers tend to seem very odd to outsiders, just like anyone else who has had a religious experience they can't quite explain to others.

The best antidote would be to implement a fully open CPU-motherboard-peripherals-OS implementation of the standard x86 PC for 16, 32 and 64-bit architectures, with BIOS and UEFI on top of BIOS as an optional module. It will easily clear out any confusion/privacy-compromising elements, especially reimplementing the x86 CPU as an open source hardware device, then network, sound, video, TV/radio, and the rest.

> Comments? Corrections? Antidotes for the mind-altering drugs which someone apparently has been dosed with?

What some people (e.g. attention seekers like EFF) don't say is why this exists in the first place.

The main point of the management engine is to allow the computer's manufacturer to do automated testing and pre-configuration (e.g. setting firmware for the locale the computer will be sold in); and automated and remote configuration/management by the end user. For example, with the right software, an administrator at a large company can have untrained labourers plug 100 new computers in at a remote site; then (via remote networking) turn each computer on, redirect keyboard/video over the network, flash the BIOS, change BIOS settings, install an OS, etc.

Of course for small home/office (excluding the "small branch office for national company with IT department at head office" scenarios that have become very common) this sort of technology is completely unnecessary; and I'd suspect that the only reason it's included is because it's cheaper to include it in all computers than it is to design different chipsets and motherboards for different markets.

Also note that in theory it would be possible to implement (almost all of?) these features in pure silicon, with no little embedded CPU and no software at all; but this wouldn't make any difference for security risks and would just make hardware more expensive and less flexible.

The other thing to consider is that it's also used to increase security (e.g. things like checking firmware's signature before firmware is started to guard against root-kits in firmware); so even if you have no need for remote configuration/management you'd still have to weigh up the risk of having a management engine against the risk of not having a management engine. Unless you actually know how many vulnerabilities the ME prevents you can't say "removing ME will improve security" because its removal could just make everything far more vulnerable.

Note 1: For me specifically; I wish ME (and SMM and ACPI) never existed. With the right software; it wouldn't be that hard to replace most of the functionality provided by ME with a combination of wake-on-LAN and network boot (where the admin asks the DHCP server to tell the computer to download/boot "management tools", then sends the magic "wake on LAN" packet to the client; and once booted those tools can include the ability to update firmware, change BIOS settings, install an OS, etc). Of course most OSs already support remote desktop, so (if the OS is set up for that) you shouldn't need ME after an OS boots.

Note 2: I'm already sick of hearing the incredibly idiotic "Minix 3 in ME" hype. At best, it's probably less than a few thousand lines of code taken from the Minix micro-kernel, without a single scrap of the entire Minix user-space (which includes drivers and services and everything else that is necessary to turn a bare micro-kernel into an actual OS).

Cheers,

Brendan

_________________
For all things; perfection is, and will always remain, impossible to achieve in practice. However; by striving for perfection we create things that are as perfect as practically possible. Let the pursuit of perfection be our guide.
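The wake-on-LAN half of the replacement sketched in Note 1 above rests on the "magic packet", which has no authentication beyond an optional SecureOn password and is therefore only as safe as the network segment it is allowed to reach. The following is an added example written for this page, not code from the post, from Intel, or from any OSDev project; it assumes the standard magic-packet layout (6 bytes of 0xFF followed by the target MAC repeated 16 times, optionally followed by a 4- or 6-byte SecureOn password) and uses a constructed sample MAC of 00:11:22:33:44:55. It builds a packet, validates a received payload the way a NIC does (the sync stream may appear at any offset in the frame), and can send it to a broadcast address.

```python
"""Wake-on-LAN magic packet: build, validate, and send.

Added example for this thread, not the original post's code. Assumes the
standard magic-packet format; the MAC and the frames below are constructed
sample input, not captured traffic.
"""
import re
import socket
from typing import Optional

SYNC = b"\xff" * 6   # synchronization stream that precedes the MAC repeats
REPEATS = 16         # the target MAC must follow the sync stream 16 times


def parse_mac(mac: str) -> bytes:
    """Accept 'aa:bb:cc:dd:ee:ff', 'aa-bb-cc-dd-ee-ff' or 'aabbccddeeff'."""
    hexstr = re.sub(r"[:\-.]", "", mac.strip().lower())
    if not re.fullmatch(r"[0-9a-f]{12}", hexstr):
        raise ValueError(f"bad MAC address: {mac!r}")
    return bytes.fromhex(hexstr)


def build_magic_packet(mac: str, secureon: Optional[bytes] = None) -> bytes:
    """Return the 102-byte magic packet, plus the SecureOn password if given."""
    body = SYNC + parse_mac(mac) * REPEATS
    if secureon is not None:
        # SecureOn is the only (weak, cleartext) authentication the format has.
        if len(secureon) not in (4, 6):
            raise ValueError("SecureOn password must be 4 or 6 bytes")
        body += secureon
    return body


def find_magic_mac(payload: bytes) -> Optional[bytes]:
    """Locate a valid magic sequence anywhere in a frame payload.

    NICs do not require the sync stream to be at offset 0, so scan for every
    occurrence of 6 x 0xFF and check that the same 6-byte MAC follows it
    exactly 16 times. Returns the MAC, or None when the frame is not a
    well-formed magic packet (e.g. only 15 repeats, or a mismatched repeat).
    """
    start = 0
    while True:
        idx = payload.find(SYNC, start)
        if idx < 0:
            return None
        mac_start = idx + len(SYNC)
        mac = payload[mac_start:mac_start + 6]
        if len(mac) == 6 and payload[mac_start:mac_start + 6 * REPEATS] == mac * REPEATS:
            return mac
        start = idx + 1   # a longer run of 0xFF may hide the real sync offset


def send_magic_packet(mac: str, broadcast: str = "255.255.255.255",
                      port: int = 9, secureon: Optional[bytes] = None) -> int:
    """Broadcast the magic packet over UDP (port 9 "discard" is conventional).

    Note: restrict the broadcast domain (management VLAN / firewall) rather
    than relying on the packet itself; anyone who can reach the segment can
    wake the host. Returns the number of bytes sent.
    """
    pkt = build_magic_packet(mac, secureon)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
        return sock.sendto(pkt, (broadcast, port))


if __name__ == "__main__":
    sample_mac = "00:11:22:33:44:55"   # constructed sample, not a real host
    pkt = build_magic_packet(sample_mac)
    print(len(pkt), "bytes; target:", find_magic_mac(pkt).hex(":"))
    # A frame with padding before the sync stream still validates:
    print(find_magic_mac(b"\x00" * 14 + pkt).hex(":"))
    # A truncated frame (15 repeats) does not:
    print(find_magic_mac(SYNC + parse_mac(sample_mac) * 15))
```

The validator deliberately re-scans after a failed match (`start = idx + 1`) because a run of more than six 0xFF bytes, or a MAC that itself begins with 0xFF, shifts the real sync offset; without that loop a correct packet preceded by one extra 0xFF byte would be rejected.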

> Note 1: For me specifically; I wish ME (and SMM and ACPI) never existed. With the right software; it wouldn't be that hard to replace most of the functionality provided by ME with a combination of wake-on-LAN and network boot (where the admin asks the DHCP server to tell the computer to download/boot "management tools", then sends the magic "wake on LAN" packet to the client; and once booted those tools can include the ability to update firmware, change BIOS settings, install an OS, etc). Of course most OSs already support remote desktop, so (if the OS is set up for that) you shouldn't need ME after an OS boots.

I think the niche of the management engine is not really remote administration (that is better done using ssh) but remote crash diagnosis and recovery. At least, that is what IPMI is used for at my workplace. IPMI provides access to stuff like the BIOS and the actual VGA output even before the OS boots. If the OS crashes or freezes, wake-over-LAN will not help you to reboot it. I've encountered multiple situations where the OS was still running but not responding to ssh (e.g. because some OOM killer decided to kill critical processes, or they crashed for some reason, or because the network connection to storage servers became unreliable). IPMI often still enables you to find out what is going wrong without attaching a physical monitor to the node.

Of course, all this can be implemented more sanely than it is done by Intel: Put it on a separate chip that has access to the physical VGA output lines but does not have access to DMA. Attach a separate ethernet subnet to this chip and put it behind a physical firewall. I think this is also what vendors of more sophisticated management engines do, but of course that is much more expensive.

The previous version of Intel AMT used an ARC processor together with ThreadX RTOS. I wonder what made them change to Intel x86 with MINIX? Was it because Intel wanted to use their own processor IPs as much as possible?

I feel like Tanenbaum is playing with himself here over the fact that someone actually used Minix for something other than an example of why you don't try to slander Linus Torvalds when all you have is your academia and no real world usage.

No one really cares about Minix anymore, and the people who would probably are likely at the point of shrieking about how Tanenbaum is an anti-free dictator for dropping something like this in response to Intel using Minix in ME, because grrr Intel ME evil grrr I use a tenth-the-performance-per-watt "free" laptop produced in the People's Republic of China connected to a wireless network that has a path back to the internet.

Maybe I just like the Intel ME because insufferable GNU-ites freak out about it.

_________________
In our business, a one in a million chance is next Tuesday.

What are you talking about? The 'congratulations' part was just a joke over the 'Minix is in every PC!11!!!1!1!' thing (which, as Brendan points out, isn't really the case - thank you for the clarification, Brendan, the sources I'd seen were very misleading about that part). Tanenbaum had nothing to do with that. AFAIK, Tanenbaum himself hasn't responded to this publicly, and may not even be aware of it.

EDIT: he has responded now. Apparently, he was surprised to hear about it. Also, it sounds as if he was trying to make it a commercial system a few years ago after all, contrary to what I said later in this post.

In fact, part of the freak-out over this is because Intel doesn't seem to have told him about their use of his code - though given the fact that it is under the BSD license (since 2000, according to Wicked-Pedo), they probably didn't really need to.

Besides, the argument with Torvalds back in 1992 was over the kernel model, not licensing. He certainly never had a beef with Linux getting big - he had a beef with it being a nasty grotty impure monolithic kernel rather than an ivory-tower micro-kernel, and that fight is now over 25 years in the past, something both of them have moved on from long since.

More to the point, he never wanted Minix to be in regular use - it is meant as a student model and a research tool, not a practical system. It is a kinda-sorta practical system, and a lot more complete than, say, NACHOS or Xinu (in the late 1980s, I had first edition copies of both the Minix book and the Xinu book - the latter was the version for the LSI-11, as this was before the PC version was published), but it is still designed mainly to be easily understood. I don't know if he's planning a fourth edition, as the third is now twelve years old, but if he does, it will be in support of his textbook, which is why it exists in the first place. If he has any reaction beyond, "huh, that's weird, why did they do that?", it will probably be, "But, but, but... it's supposed to be a demonstrator, not an industrial-strength system, it's not up to doing something like that!"

